Being aware of how important is to safeguard your personal data referring to your privacy, personal dignity and – in general – respecting your essential freedom, Zanolli Srl ensures that your personal data are processed according to the above and complying to the regulation in force (GDPR 679/2016) This Privacy Statement describes our handling of Personal Information and data of users, in connection with your use of our website (www.zanolli.com) and related services. It is drawn in compliance with art. 13 and 14 of GDPR 2016/679 (General Rules regarding data protection, published on the Gazzetta Ufficiale dell’Unione Europea in May 4th, 2016, in force since May 24th 2016) and with Recommendation n°2/2001. The above was issued by European Autorities on May 17th 2001, accepted by European Authorities for Personal Data Protection (gathered in the Group enforced by guideline n. 95/46/CE) on May 17th 2001 in order to identify minimal requirements for on-line data collection, mainly mode, times and nature of information that Controller must provide to users once they connect to web pages. Furthermore, we act in compliance with the Authority’s provision regarding personal data protection, released on the 8th of May 2014, containing “ identification of simplified modes for the policy and the consent obtaining for cookies use” (following named as “Provision”). The current policy relates exclusively to the website you are using, where Zanolli Srl is the Controller, not for other web sites eventually listed in the present one.
Zanolli Srl, legal head office in Via Ancona, 64/66 in Brescia (Italy). Today, Mr. Andrea Zanolli is the responsible in charge for personal data processing security, and can be contacted at the head-quarter above mentioned. A complete list of External Responsible is available on demand by the Controller.
User’s personal data will be collected, stored, treated and sent complying with Zanolli Srl criteria, law’s and regulations in force referring to data processing. User’s personal data treatment is based on following principles:
1) User’s data processing will be licit and correct
2) User’s personal data will be collected for specified, explicit and legitimate purposes and subsequently processed according to these purposes
3) User’s personal data collected will be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
4) User’s personal data collected will be accurate and where necessary kept up to date at best of our competences
5) User’s personal data will be protected against unauthorized access and treatment, through measures, managerial and technical control, reasonable in marketing and technical terms.
6) User’s personal data will be stored in a form which permits identification of data subjects for no longer than necessary in order to pursue purposes these have been collected for.
When a user browse our web site, this may collect different kind of information: with “personal data” we refer to any information which can directly identify the user, as well known as “of personal identification”, according to regulation in force. As an example, these might be: first name, last name, billing and shipping address, information related to billing or to credit card or bank account number, e-mail address, telephone number; chronology and information related to purchases, information related to position, combination of id and password used to access the web site. Personal data provided by users accessing the web site and directly sending an e-mail to the Controller (using form found in “contact” page and in the sheet of every product at the link “ask information about this product”), will be used exclusively in order to provide the required service, and will not be broadcasted or communicated to third parties, unless mandatory for laws in force or strictly needed In order to fulfill user’s request. The voluntary, discretionary and explicit transmission of e-mail through the page “contact”, for its own nature, involve the subsequent sender’s e-mail address acquisition (needed to replay to enquiries) and of other data eventually present in the e-mail. E-mail address and other data eventually present in the e-mail might be communicated to Zanolli Srl coworkers and employee, according to job and/or contract obligations. Therefore, our users are kindly requested no to forward names or other personal data of third parties -unless strictly needed - through the “contact” page, neither SPECIAL CATEGORIES OF PERSONAL DATA (art. 9 Reg. UE n.679/2016), described as “sensitive” by the former Italian regulation (personal data revealing racial or ethnic origin, religious or philosophical beliefs, political opinions, tread union membership and data revealing data concerning health or natural person’s sex life or sexual orientation) or legal information. Unless expressly requested, we kindly ask to users no to send us, neither broadcast sensitive personal data through or on our website, or in any other way to it related. Whenever we might ask users to provide us such information, we will ask for specific consent: processing such data is not foreseen by the Controller. When the user browse our web site, his/her presence is anonymous. Anyhow, systems and softwares in force for the web site functioning gather, normally, some personal data whose transmission is implicit in internet protocol of communication. These information aren’t gathered to be matched to identified subject, but to their own nature they might allow user’s identification through processing and connections belonging to third part. Such data are IP address, computer’s domain name used to connect the web site, URL address of requested resources, time of request, dimensions of the file obtained through the answer. These data are used only to obtain statistic anonymous information related to web site use, such as number of users, time spent on the web site, browsed pages, identify the area where the contact come from and in order to control the web site correct functioning ( Zanolli Srl web site uses Google Analytics, which operate on data anonymously). Such data might be used in order to assess responsibilities in case of cyber crime to the detriment of our web site.
We collect, store and process your personal data in order to provide you services through our website, in compliance with law prescriptions. Data will be collected exclusively for the following purposes:
- To comply with accounting and financial law and with any other regulation in force.
- In order to provide services offered and handle daily company needs: purchases, wedding list, etc.
- To allow users registration and access to defined web site areas
- For an effective management of our web site and services offered therein
-For newsletter service
- To directly contact users (e.g. via e-mail) following enquiries sent through contact forms in the web site
- For marketing, profiling and statistics
-To verify that information provided for transaction are valid, complete and not false.
- To provide customer’s assistance service
- To contact client for any problem that might arise in regard to order and related request
- Provide to users offers requested or purchased
- Process orders and payments made through web site
A part from what described above, referring to web surfing data, you are free to provide your personal data possibly required to fill different forms: registered users area and access in order to handle your profile and personal information, shipping and billing data, contact form, single product information request form, newsletter service activation form. Lack of data conferral will make impossible to answer to your enquiries.
Your personal data will be collected and processed, electronically or through papers, exclusively for the purposes described herein, no longer than required or, up to when the Controller will receive your request of cancellation for treatment related to optional consent. Data processing related to services provided through this web site is performed at Zanolli Srl legal head office and at the legal head office of the Company in charge for web site creation and servicing, Evoluzione Telematica S.r.l. which is our entrusted provider and acts as Responsible. Processing will be performed mainly automatically. Your personal data are processed according to abovementioned regulation provisions. Collected data are processed by authorized personnel only: all the operator accessing to your data are designated in charge for personal data processing, as foreseen by law in force. Collected data might be periodically updated with information gathered during settled relationship. We use controls, technical and managerial measures – commercially reasonable - in order to protect user’s personal data from unauthorized access, loss or abuses. Unfortunately, data on the Internet can’t be 100% safe. Thus, even if we protect all the personal information, we can’t be sure or warranty that these information will be completely protected by hackers or other criminal acts, or in case of fail/damages to software, hardware and web. The Controller will inform users whenever acknowledges security violation (as foreseen by law in force in case of “data breach”), related to users personal data under his control. If the users is willing to communicate us his/her personal e-mail address, he/she gives express consent to receive electronical warnings in case of security violation. When you register on our web site, you choose an Id and a password, which will allow you to access the website. In creating your password, we suggest you to pay attention to some simple rules, in order to make it harder to hacker: a safe password should be made at least of 8 figures, mixed letters and numbers, better if capital and lower case, inclusive of special key (like #, ^,! etc.). Moreover, we recommend to change your password on regular base, without communicating it to others. You are responsible for each single act mad through your account, if you should loose your password you might loose control on your personal information, and binding actions might be take place for and on behalf of you. Therefore, if for any reason your password might be compromised, change it immediately.
Without prejudice to mandatory communication, your data might be communicated to:
a) Third Parties which we rely on for services provision and related activities, designated by the Controller.
b) Delegates in charge for technical maintenance (included web maintenance), designated by the Controller.
Anyhow, just strictly needed data will be communicated to the abovementioned, related to tasks they are in charge for according to their role of Responsible/person in charge as appointed by the Controller as foreseen by the law in force. Personal data will not be broadcasted. The Controller cooperate with Law Enforcement and Authorities to make users respect rules, other users and third parties rights, included intellectual property rights. Therefore your personal data might be communicated, for illustrative yet incomplete purposes, to Authorities whenever needed in case of defense, prevention, verification or repression of crimes in compliance with related laws and regulations. Authorities will have the rights to ask and obtain your personal information also in relation to verification or investigation on swindle, web fraud, rights or intellectual property violation, hacking or other illicit actions which might involve us or our users in legal issues entailing civil or criminal responsibility.
Complying with law in force, at any time you might:
1. Be informed regarding your data presence
2. Know origin, content, goals and process pattern.
3. Logic underlying electronic treatment
4. Details of Controller, Processor, Parties whom your data have been communicated to
Moreover you have the right of:
1. Update, integrate, correct your data and rights of portability
2. Cancellation, anonymization, block of your data processed against law
3. Opposition to data processing, for legitimate reason, pertinent to processing
4. Opposition to data processing for marketing
According to GDPR 2016/679, you have the rights to complain to Authority. In order to exercise your right you can contact:
Via Ancona, 64/66 in Brescia
Tel +39 030 3541776
Fax +39 030 3531829.
In case the user will ask to access to his/her personal information or cancel them from our system and registers, we will to any possible extent, within timing foreseen. We inform our users that, due to technical limits and to the back up system, their information might be retained in our system for a certain length of time following cancellation. All rights are due to the Controller for refuse personal data access or cancellation request, if access or cancellation are not foreseen by law. In order to safeguard from illicit requests, all rights are due for collecting sufficient information aimed to verify the identity of the applicant, before correcting or granting access.
By subscribing our newsletter service you accept to provide your data in order to receive news about offers, advertising, ventures. Requested data are the essential one needed in order to receive the above mentioned communication. You might subscribe the newsletter service also during web site registration process, ore in your personal area, once registered. In order to stop receiving newsletter, you can at any time inform us that you are no longer willing to use the service. To do so, follow the “unsubscribe” procedure listed at the end of every received e-mail.
If you registered, whenever your personal data will variate, please report the variation in your personal area. You can register and create a personal account in order to use some of the available services, such us handling your purchases. Account creation is not mandatory and, once done, it can be cancelled at any time. In order to create your account identification and contact data have to be provided: data marked as mandatory are essential to complete the registration process and, if lacking, it won’t be possible to successfully end the process.
You can purchase on line as guest or as registered user. By purchasing on line, you will provide your address, telephone numbers, electronic contacts, identification and payment data. If you won’t provide all needed data, it won’t be possible to successfully end the purchasing process. During purchasing process, mandatory and discretionary data will be clearly marked, therefore you can choose not to provide discretionary data yet continuing to use the web site and purchasing on it. Whenever your personal data will variate, please report the variation in your personal area, if registered.
13.1- Minor using web site
Our web site is not addressed to minors (younger than 18 y.o.), not even addressed to younger tha 13 y.o. We do not intentionally collect nor ask information related to minors.
13.2 - Data transfer
Your data will be stored in database on our server or on our entrusted provider’s server appointed as Responsible, in Italy, or in EU Countries or in Switzerland, where clauses for a safe transfer of data are in force. Collected data might be stored in server based in the USA or other countries
All rights are due to the Controller for changing web site and Policy at any time.
User must always refer to on line policy, as current version. Changes will be in force from the moment they will be published on the web site. If the user will keep using the web site after any change, this will be considered as an acceptance of such changes.